Trustwave disputes lawsuit over Target data breach

Credit-card security software provider Trustwave Holdings Inc. says it was not monitoring Target Corp.'s computer network when the retailer was hacked during the holidays, allowing thieves to steal data on more than 40 million cards.

Trustwave was sued alongside Target last week in U.S. District Court in Chicago by two banks that want to recover the costs of issuing new credit and debit cards to their customers and covering losses from the hack.

The suit alleges Target made numerous errors and that Trustwave also was partly to blame. The complaint alleges that Trustwave wrongly certified Target as being in compliance with credit-card security standards. Trustwave's primary business is certifying that companies are in compliance with PCI standards that govern credit-card transactions. But Trustwave also has a services business that helps companies defend their IT networks from attack.

In the suit, the banks also allege that Trustwave was monitoring Target's network.

"Trustwave also provided round-the-clock monitoring services to Target, which monitoring was intended to detect intrusions into Target's systems and compromises of PII or other sensitive data. In fact, however, the data breach continued for nearly three weeks on Trustwave's watch.”